News Stay informed about the latest enterprise technology news and product updates.

Addressing wearables security, the next wave of BYOD concerns

As new gizmos and gadgets gain consumer momentum, they will inevitably infiltrate the enterprise and -- of course -- become the bane of IT's existence as they bring with them not only user connectivity wants and needs, but also numerous management issues and security risks that must be addressed.

However, as Domingo Guerra, president and co-founder of Appthority, told SearchSecurity at RSA Conference 2015, when it comes to wearables, many enterprises are fortunate enough to have BYOD in their back pocket to learn from.

"One of the key learnings from the first wave of BYOD is that enterprise IT and security departments can't really stop this," Guerra said. "We're not going to be able to prevent users from bringing [wearables] in."

And, perhaps unfortunately for enterprises, this likely isn't the last wave of BYOD.

"This is just the next wave of BYOX," Guerra said. "It's users bringing a connected device into the enterprise that will access other mobile devices, it can access corporate networks. Or just facilitate the amount of devices receiving sensitive information -- like email, calendar syncs or meeting invites, for example."

So what exactly have enterprises learned from the first influx of BYOD? And how can wearables security be properly addressed?

"A good strategy would be to know what the policy will be in terms of whether or not (wearables) will be able to connect to a corporate network, for example," Guerra said. "Will we require some sort of authentication? What kind of apps will be allowed?"

To round out the discussion, Guerra discussed the devices he and Appthority are most interested in from a security perspective, the security of Apple Watch and what will happen when it separates from iOS, and more.

View All Videos

Join the conversation


Send me notifications when other members comment.

Please create a username to comment.

Has your enterprise addressed wearables security yet?
We are in the early stages of addressing not only wearables security, but IoT devices in general, at least within our network. To address security you have to know what devices are on the network, what services/apps they are running, and what they are doing. A good CMDB is invaluable for that, but it also requires controls to be in place to address how and when wearables and other personal devices can connect to the network. Device security in general is also being examined, but the primary focus is on company-issued devices first.
Not that I know. We cannot even bring in our own devices to connect to the company wireless. It's locked down tight. To be honest I do not think I could name an employee with a wearable that has access. Ifanything we would be testing it's security out first before is was even being considered for general use.
Unfortunately, NO, though we've been lucky until now. Many links, no sign of damage. The companies I work assume they're too small to bother with. They're wrong, of course. Our workflow depends on a myriad of outside tools - I don't think my industry issues handheld devices to anyone. I've certainly never been handed anything. You might think the Sony debacle would have been a wakeup call. Apparently not.
I agree with ncberns. We as an industry have enough security issues with the doors and gateways we have now. We cannot keep unwanted guest from entering our systems. The last thing we want to do is add another door we have to keep locked.